Commit graph

2 commits

Author SHA1 Message Date
Jakub Nyckowski 0ee91f6c37
Enable GCI linter (#17894) 2022-10-28 20:20:28 +00:00
Brian Joerger 2717c1d2e0
Security fixes (#13298)
* Add CSRF mitigations

This commit includes two fixes:

1. Enforce an application/json Content-Type server-side.
2. When checking the bearer token, verify that the user
   associated with the token matches the user associated
   with the cookie.

* Fix TEL-Q122-13: Access Requests Denial Of Service Via Request Reason (#125) (#127)

* Ignore input when data flow is off in TermManager

When data flow is disabled in TermManager (at the beginning or when TermManager.Off was called), we should ignore all input we receive (currently we buffer it).

* Agent forwarding socket security fix.

Co-authored-by: Lisa Kim <lisa@goteleport.com>
Co-authored-by: Joel <jwejdenstal@icloud.com>
Co-authored-by: Przemko Robakowski <przemko@przemko-robakowski.pl>
2022-06-08 18:12:45 +00:00